Improper Input Validation in SEIKO EPSON Printers
CVE-2023-38556

7.5HIGH

Key Information:

Vendor

Seiko Epson Corporation

Status
Seiko Epson Printer Web Config
Vendor
CVE Published:
2 August 2023

What is CVE-2023-38556?

The improper input validation vulnerability in SEIKO EPSON printer Web Config enables remote attackers to disable printers. Web Config, a web-based interface, is utilized for monitoring printer status and modifying settings. This flaw can be exploited by an attacker, potentially leading to unauthorized control over the printer, impacting operational integrity and posing a security risk for networks utilizing these devices.

Affected Version(s)

SEIKO EPSON printer Web Config = unspecified

References

https://www.epson.jp/support/misc_t/230802_oshirase.htm
https://jvn.jp/en/jp/JVN61337171/

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2023-38556 : Improper Input Validation in SEIKO EPSON Printers